
Logical Security Applications


            Concepts: Computer Types

            Each type of computer has its own OS. Computer types include:

            Mainframe Computer

              High-performance, large-scale computer used when greater availability and capacity are
               needed and large amounts of data are handled.
              Used for high-volume and process-intensive applications.
              Usually takes up most of an organization’s computer room and requires air conditioning.
              Example OSs: z/OS, Unix, and Linux.
              Example applications: mortgage processing and banking systems.

            Midrange Computer

              Not as powerful as a mainframe.
              Resides on racks in a computer room and takes up considerably less space.
              Better for smaller-to-medium-sized applications.
              Less expensive.
              Example OSs: Unix, OSx, AS 400, Sun OSx, and Windows.
              Example applications: mid-to-smaller-payroll and GL systems.

            Personal Desktop Computer

              Standard computer used on a daily basis.
              Least expensive.
              Example OSs: Unix, iOS, Android, Mac OS X, and Windows.
              Example application: Windows Office.

            Concepts: Server Security Configuration

              Key points of server security configuration:
              To ensure a consistent approach, and to maintain ability and security, all servers in an
               organization of the same type have the same base configuration.
              Differences between servers occur when applications that run on them require different OS
               settings.
              Normally, a server team will install the server with the base security configuration, and then
               hand it over to the application team to complete configuration of the application.
              Usually, the server teams receive the server back from the application team to re-evaluate
               access, as the application team may not remove all temporary files or accounts.
              If IT is capable, the security evaluation is performed by the security administration team, or by
               the server team with guidance from the security administration team.
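
            The access re-evaluation described above can be partly automated by comparing the account list captured with the base configuration against the list on the server after hand-back. The following is an added example, not part of the course material; it assumes Linux passwd-format account files, and the account names, the approved list and the sample snapshots are constructed for illustration.

```python
# Constructed sample data: passwd-format snapshots (name:pw:uid:gid:gecos:home:shell).
BASELINE = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
svcbackup:x:998:998::/var/lib/backup:/usr/sbin/nologin
"""
AFTER_HANDBACK = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
svcbackup:x:998:998::/var/lib/backup:/bin/bash
appsvc:x:997:997::/opt/app:/usr/sbin/nologin
tmpinstall:x:1001:1001::/home/tmpinstall:/bin/bash
"""
NOLOGIN = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}

def parse_passwd(text):
    """Return {account name: {"uid": int, "shell": str}} from passwd-format text."""
    accounts = {}
    for line in filter(None, map(str.strip, text.splitlines())):
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"malformed passwd line: {line!r}")
        accounts[fields[0]] = {"uid": int(fields[2]), "shell": fields[6]}
    return accounts

def review_handback(baseline_text, current_text, approved=()):
    """List (account, finding) pairs that need review before the server is accepted."""
    base, cur = parse_passwd(baseline_text), parse_passwd(current_text)
    findings = []
    for name, acct in sorted(cur.items()):
        interactive = acct["shell"] not in NOLOGIN
        if name not in base:
            if name not in approved:       # e.g. a temporary install account left behind
                findings.append((name, "unapproved new account"))
            elif interactive:              # approved, but it should not allow logins
                findings.append((name, "approved account has login shell"))
        elif acct["uid"] != base[name]["uid"]:
            findings.append((name, "uid changed"))
        elif interactive and base[name]["shell"] in NOLOGIN:
            findings.append((name, "login shell enabled"))
    for name in sorted(set(base) - set(cur)):
        findings.append((name, "baseline account removed"))
    return findings

if __name__ == "__main__":
    for name, finding in review_handback(BASELINE, AFTER_HANDBACK, approved={"appsvc"}):
        print(f"{name}: {finding}")
```

            Temporary files left by the application team are outside this sketch and would need a separate comparison of the file system against the base configuration.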



            Copyright © 2022 by The Institute of Internal Auditors, Inc. All rights reserved.